/etc/passwd file in Linux Explained with Examples

This tutorial explains the /etc/passwd file in Linux. The /etc/passwd file stores users’ login information. Learn, step by step, how the /etc/passwd file is formatted and how the login process reads this file to obtain the necessary information about a user.

To view the /etc/passwd file, we can use the following command.

#cat /etc/passwd

Each line in the /etc/passwd file represents an individual user account and contains the following seven fields, separated by colons (:).

  • Username or login name
  • Encrypted password
  • User ID
  • Group ID
  • User description
  • User’s home directory
  • User’s login shell

Let’s understand each field in detail.

User name or Login name

The first field stores the username or login name. The login process compares the value stored in this field with the value we typed in the username field at the login prompt. If both values match, the login process assumes that the username is valid. While comparing, the login process looks for the supplied username in the first field of each line, starting from the first line, and keeps looking until a match is found or all lines have been checked.

Since each line represents an individual user account, the value stored in this field must be unique.

This field can store a maximum of 32 characters. Due to this limit, a username in Linux is always 32 characters or fewer in length.

This field does not have any default value. This means that in order to create a new user, we must supply the desired username.

As we know, Linux is a case-sensitive operating system. To avoid unnecessary confusion, we should not use initial capitalization in usernames. For example, in Linux “Sanjay” and “sanjay” are two different usernames.

Except for colons (:) and newlines, we are allowed to use any symbol or character in this field. Colons and newlines are used as the field separator and the entry separator in this file, respectively.

Although we are allowed to use any symbol or character except colons and newlines, we should still never use special symbols in this field. A username with a special symbol works in the login process, but it may not work in other processes or services. Let’s take an example to understand this more clearly.

It’s a common practice to use the username as the email address in Linux. In an email address, the at (@) sign separates the recipient name from the domain name. A username “sanjay@goswami”, if used with the default setup in the domain “example.com”, will become sanjay@goswami@example.com. While parsing this address, the email server will read the domain name as “goswami@example.com” instead of “example.com” and the username as “sanjay” instead of “sanjay@goswami”. An email sent to this address will never be delivered. The best and safest way to avoid this kind of error is to always use only alphanumeric characters and generic symbols such as underscore and hyphen in usernames.

Encrypted password

The second field stores the encrypted password. Historically, this field used to store the user’s password encrypted with the DES algorithm. Over time, computing power increased and the DES algorithm became trivial to crack. To use a more secure algorithm, Linux moved the user’s password to a separate file, /etc/shadow. Since the user’s password is no longer stored in this field, a placeholder value x is used to indicate that the actual password is stored in another location.

User ID

The third field stores the UID of the user. In Linux, every user has a unique ID known as the UID (User ID). The UID is a 32-bit integer value. Linux uses the UID to track and manage each action of a user, such as creating files, modifying system properties, and starting applications and processes. The first UID (0) is always assigned to the root user. Besides 0, other low UIDs (usually less than 500) are assigned to service accounts such as bin, lp, mail, news, games, ftp, etc. UIDs of regular user accounts usually start from 500.

Never assign a deleted user account’s UID to a new user account. Linux uses the UID rather than the login name to track files. If files created under the deleted account still exist on the system or are restored from backup, the new user will be mapped to those files automatically.
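The check below is an added example, not part of the original tutorial. Before a UID is handed to a new account, it lists files under a directory whose owning UID has no entry in the passwd database; the function name and its parameters are chosen for this illustration.

```python
import os
import pwd


def files_owned_by_unknown_uids(root, known_uids=None):
    """Walk `root` and map each owning UID that has no account to its files.

    known_uids defaults to every UID in the system passwd database; pass a
    set explicitly to check against a planned or restored account list.
    """
    if known_uids is None:
        known_uids = {entry.pw_uid for entry in pwd.getpwall()}
    orphans = {}
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            try:
                # lstat: report the owner of a symlink itself, not its target
                uid = os.lstat(path).st_uid
            except OSError:
                continue  # entry vanished or is unreadable; skip it
            if uid not in known_uids:
                orphans.setdefault(uid, []).append(path)
    return orphans


if __name__ == "__main__":
    # /home is an assumed starting point; any directory can be audited.
    for uid, paths in sorted(files_owned_by_unknown_uids("/home").items()):
        print("UID %d has no account but owns %d path(s)" % (uid, len(paths)))
```

Any UID reported here should not be reused until its files are removed or reassigned with chown.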

Group ID

The fourth field stores the GID of the user’s primary group. Group information for a user account is stored separately in the /etc/group file. Just like a username, a group name is associated with a unique GID. Like the UID, the GID is a 32-bit integer value. Linux uses the GID instead of the group name to track group access.

A group is a collection of user accounts which are alike or require access to a particular resource. Linux is a multiuser network operating system. Managing services for each individual user account is a tedious task. Grouping makes this job easier. For example, suppose you are asked to allow a specific service for twenty users who belong to a particular group. Without grouping you have to set the permission twenty times, while with grouping you can set the same permission once.

In Linux, every user belongs to one or more groups. While creating a user account, if we don’t specify the group name, the shell automatically creates a new group and adds the user account to that group. This group is known as the primary group or default group of the user. Once the user account is created, it can be added to other groups as required. These other groups are considered secondary groups of the user.

User description

The fifth field stores descriptive information about the user. In a multiuser environment where several users share the system, this field, if filled in, provides information about a user such as full name, email address, phone number, position in the organization, etc. Usually the chfn utility is used to store this information and the finger utility is used to read it.

Home directory

The sixth field stores the location of the user’s home directory. The login process uses this information to decide where to place the user just after login. In other words, this is the default directory the user lands in right after the login process. While creating a user, if this information is omitted, the shell will automatically set it to /home/username.

If the login process does not find the user’s home directory at the location specified in this field, then depending on system configuration it may either disallow the login completely or put the user in the / directory. Landing in the root (/) directory just after login is an indication that the user’s home directory is missing or not accessible.

Login shell

The last field stores the user’s default shell. If no shell is specified while creating a regular user account, the shell will use the default value, which is /bin/bash. If no shell is required, this field can be set to blank.

Some special accounts never access a shell. Administrators usually assign a fake shell such as /bin/false or set this field to blank in these accounts. This precaution prevents hackers from breaking into the system through these accounts.
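The following auditor is an added example, not part of the original tutorial. It parses passwd-format text and reports entries that conflict with the field rules described above; the sample entries are constructed, the 500 threshold is the one used in this article, and the list of no-login shells is an assumption. Empty shell fields are reported separately because passwd(5) states that an empty shell field defaults to /bin/sh.

```python
import re

# Constructed sample in /etc/passwd format (not taken from a real system).
SAMPLE = """\
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/bin/bash
sanjay:x:500:500:Sanjay Goswami:/home/sanjay:/bin/bash
toor:x:0:0:second root:/root:/bin/bash
legacy:EXAMPLEHASH:501:501::/home/legacy:/bin/bash
sanjay@goswami:x:502:502::/home/sg:
broken:x:503:503
"""

SAFE_NAME = re.compile(r"[A-Za-z0-9_-]{1,32}")  # alphanumerics, "_" and "-", max 32
NO_LOGIN = {"/bin/false", "/sbin/nologin", "/usr/sbin/nologin"}  # assumed list
REGULAR_UID_START = 500  # value used in this article; adjust to your system

def audit(text):
    """Return (line_number, username, finding) tuples for passwd-format text."""
    out, names, uids = [], set(), {}
    for n, line in enumerate(text.splitlines(), 1):
        f = line.split(":")
        if len(f) != 7 or not (f[2].isdigit() and f[3].isdigit()):
            out.append((n, f[0], "malformed entry"))
            continue
        name, pw, uid, shell = f[0], f[1], int(f[2]), f[6]
        if name in names:
            out.append((n, name, "duplicate username"))
        names.add(name)
        if not SAFE_NAME.fullmatch(name):
            out.append((n, name, "username too long or has special characters"))
        if pw != "x":
            out.append((n, name, "password field is not the x placeholder"))
        if uid in uids:
            out.append((n, name, "UID %d already used by %s" % (uid, uids[uid])))
        uids.setdefault(uid, name)
        if uid == 0 and name != "root":
            out.append((n, name, "UID 0 assigned to a non-root account"))
        if shell == "":
            out.append((n, name, "empty shell field (passwd(5): defaults to /bin/sh)"))
        elif 0 < uid < REGULAR_UID_START and shell not in NO_LOGIN:
            out.append((n, name, "service account has login shell " + shell))
    return out

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print("line %d: %s: %s" % finding)
```

To audit a live system, pass the contents of /etc/passwd to audit() instead of SAMPLE.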

To learn more about the different types of user accounts, you can check this tutorial:

Types of User account in Computer Network

It explains the types of user accounts in detail with examples.

That’s all for this tutorial. If you have any feedback or suggestion about this tutorial, please mail me. If you like this tutorial, please don’t forget to share it.